Security of agentic orchestration
How should memory, tool use, permissions, and long-horizon autonomy be bounded so that agentic systems remain useful without becoming operationally brittle or unsafe?
Ongoing work
Living research notebook
Use this page for brief updates, evolving questions, technical observations, and commentary on directions that are still taking shape.
Current Direction
Current Direction
Trustworthy physical AI pipelines
What changes when sensing, compute, communication, timing, and actuation all become part of the attack surface rather than only the model weights?
Current Direction
Hardware-aware AI defense co-design
Which combinations of robust learning, runtime checks, architectural hardening, and physical countermeasures remain practical under real area, power, latency, and deployment constraints?
Use This Page For
Fast updates without redesigning the site
Add one short entry whenever you want to comment on a recent paper, industry trend, benchmark gap, or open problem. This keeps the website active and intellectually current.